FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

quagga -- BGP OPEN denial of service vulnerability

Affected packages
quagga <= 0.99.20.1
quagga-re < 0.99.17.10

Details

VuXML ID 1e14d46f-af1f-11e1-b242-00215af774f0
Discovery 2012-06-04
Entry 2012-06-05

CERT reports:

If a pre-configured BGP peer sends a specially-crafted OPEN message with a malformed ORF capability TLV, Quagga bgpd process will erroneously try to consume extra bytes from the input packet buffer. The process will detect a buffer overrun attempt before it happens and immediately terminate with an error message. All BGP sessions established by the attacked router will be closed and its BGP routing disrupted.
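
The class of check that prevents this kind of over-read, as an added example (not Quagga's code or its patch): a parser for the ORF capability TLV that validates every declared length before reading and returns an error the caller can use to reject the OPEN instead of terminating. It assumes the RFC 5291 layout and, as one illustrative malformation, an entry count larger than the TLV length allows; the function name and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define CAP_CODE_ORF  3  /* ORF capability code (RFC 5291) */
#define ORF_ENTRY_HDR 5  /* AFI(2) + reserved(1) + SAFI(1) + count(1) */
#define ORF_PAIR_LEN  2  /* ORF type(1) + send/receive(1) */

/* Constructed samples, not captured traffic: code, length, AFI, rsvd, SAFI, count, pairs */
const uint8_t orf_ok[]        = {3, 7, 0, 1, 0, 1, 1, 64, 3};
const uint8_t orf_bad_count[] = {3, 7, 0, 1, 0, 1, 4, 64, 3}; /* count 4, room for 1 */

/* Parse one capability TLV in buf[0..len). Returns the number of ORF
 * type/mode pairs accepted, or -1 if malformed. Every read is checked
 * against the TLV's declared length, which is checked against len. */
int parse_orf_capability(const uint8_t *buf, size_t len)
{
    if (len < 2 || buf[0] != CAP_CODE_ORF)
        return -1;
    size_t cap_len = buf[1];
    if (cap_len < ORF_ENTRY_HDR || cap_len > len - 2)
        return -1;                      /* empty, or longer than the buffer */
    const uint8_t *p = buf + 2, *end = p + cap_len;
    int total = 0;
    while (p < end) {
        if ((size_t)(end - p) < ORF_ENTRY_HDR)
            return -1;                  /* truncated AFI/SAFI block header */
        size_t count = p[4];
        p += ORF_ENTRY_HDR;
        if (count * ORF_PAIR_LEN > (size_t)(end - p))
            return -1;                  /* count claims bytes the TLV lacks */
        for (size_t i = 0; i < count; i++, p += ORF_PAIR_LEN) {
            if (p[1] < 1 || p[1] > 3)   /* 1=receive, 2=send, 3=both */
                return -1;
            total++;
        }
    }
    return total;
}

int main(void)
{
    printf("well-formed: %d\n", parse_orf_capability(orf_ok, sizeof orf_ok));
    printf("bad count:   %d\n", parse_orf_capability(orf_bad_count, sizeof orf_bad_count));
    return 0;
}
```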

References

CVE Name CVE-2012-1820
URL http://www.kb.cert.org/vuls/id/962587